Blog >

Comments

Douglas CoulterMarch 28, 2018 3:28 PM

I tend to agree with 2 cents as far as that goes, but really, flying totally under the radar is extremely difficult anyway.

My Dad, worked for NRL doing things like secure comm. They defined two levels of security for their situation – tactical, and strategic.
Both are somewhat below the absolute level 2cent is talking about.

For tactical security, you’d be thinking about say, comm between planes, boats, or maybe tanks or field human units. It’s no secret you’re there, it’s only secret what you’re about to do. If the adversary decodes “start bombing mission now” the next day – so what?

Strategic security – hey, everyone already knows who the main adversaries are, there’s no point trying to make that secret, really. You might be on the fence in some cases, so you just don’t share some things. But what you’re after here is not keeping secret who your friends and enemies are – presumably that’s known.
But due to the power of planning – you’d like to keep those plans secret beyond when you might need them, to keep surprise a possibility and exploit a disorganized response to a smoothly operating plan of attack. Or vice versa.

In neither of those two, admittedly limited, cases, does it really matter whether you can throw things away. As 2cent qualified “if…you have to throw things away” – himself.

People thinking crypto or any behavioral kata will keep them safe even if they break laws or anger powerful people are in fact delusional. There’s a to doing that, which is why illegal stuff commands a higher dollar price – the old -reward ratio works for activities other than the mainstream ones.

For most other things, there’s crypto and careful fieldcraft.
It’s true that if you think *anything* makes it safe for little to challenge big – you’re riding to a fall.

If God made men and Colt made them equal, it was still a one on one kind of thing. One guy with a gun vs an army of mere ants – or people with bare hands – you lose. Better not to fight.

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here